
Basically:

* Normally you can't access Chrome's decrypted cookie storage unless you're in an interactive session and you've unlocked the keychain.

* An attacker running code on your computer (nefarious NPM package, etc.) can spawn a headless Chrome session with remote debugging enabled and then slurp out all the decrypted cookies through the remote debugging socket.

Chrome is very frightening to me. It's just this massive God program that has a huge attack surface and a lot of really valuable goodies like this that attackers would love to get at.
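One defender-side check the first comment suggests, added here as an example and not something any commenter posted: scan process-launch records for a Chromium-family browser started with remote debugging enabled, the condition the comment describes. The record format and the sample lines are constructed for the example; `--remote-debugging-port`, `--remote-debugging-pipe`, `--headless` and `--user-data-dir` are real Chrome switches.

```python
import re
import shlex

# Constructed sample process-launch records (hypothetical log format, not from any real product):
#   pid=<n> user=<name> cmd=<full command line, shell-quoted>
SAMPLE_LOG = """\
pid=4101 user=alice cmd="/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" --profile-directory=Default
pid=4188 user=alice cmd="/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" --headless=new --remote-debugging-port=9222
pid=4203 user=alice cmd=node /Users/alice/project/node_modules/.bin/some-tool
pid=4250 user=alice cmd=/usr/bin/chromium --headless --remote-debugging-pipe --user-data-dir=/tmp/automation-profile-XYZ
pid=4301 user=alice cmd=/opt/google/chrome/chrome --remote-debugging-port=0 --user-data-dir=/home/alice/.config/google-chrome
"""

LINE_RE = re.compile(r"^pid=(?P<pid>\d+) user=(?P<user>\S+) cmd=(?P<cmd>.*)$")
BROWSER_NAMES = ("chrome", "chromium")
TEMP_PREFIXES = ("/tmp/", "/var/folders/", "/private/tmp/")  # where throwaway profiles usually live

def parse_line(line):
    """Split one record into pid, user and a shell-parsed argv list; None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"pid": int(m["pid"]), "user": m["user"], "argv": shlex.split(m["cmd"])}

def analyse(argv):
    """Return a finding when a Chromium-family browser was started with the DevTools
    remote-debugging endpoint enabled (the condition the comment describes), else None."""
    exe = argv[0].rsplit("/", 1)[-1].lower() if argv else ""
    if not any(name in exe for name in BROWSER_NAMES):
        return None
    debug = next((a for a in argv if a.startswith("--remote-debugging-port")
                  or a == "--remote-debugging-pipe"), None)
    if debug is None:
        return None
    headless = any(a == "--headless" or a.startswith("--headless=") for a in argv)
    data_dir = next((a.split("=", 1)[1] for a in argv if a.startswith("--user-data-dir=")), None)
    # Without --user-data-dir Chrome opens the user's default profile, i.e. the real cookie store;
    # a fresh profile under a temp directory is the usual shape of legitimate automation.
    severity = "low" if data_dir and data_dir.startswith(TEMP_PREFIXES) else "high"
    return {"headless": headless, "remote_debugging": debug, "user_data_dir": data_dir, "severity": severity}

def scan_log(text):
    findings = []
    for line in text.splitlines():
        rec = parse_line(line)
        finding = analyse(rec["argv"]) if rec else None
        if finding:
            finding.update(pid=rec["pid"], user=rec["user"])
            findings.append(finding)
    return findings
```

`scan_log(SAMPLE_LOG)` returns the three launches that enable remote debugging; pids 4188 and 4301 rank high because they open a real profile rather than a throwaway one.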



Most desktop OSes aren't designed to defend applications run by the same user from one another. As a consequence an attacker running unsandboxed code with your user privileges is an attack that's very difficult to defend against.


Chrome is very frightening to me. It's just this massive God program that has a huge attack surface and a lot of really valuable goodies like this that attackers would love to get at.

I think the right way to look at it is that it's a smaller OS. Different in nature, but browsers are now in the OS league for how much damage a compromise can do.


You can steal Firefox cookies and even passwords more easily; they're stored unencrypted in the user profile directory.


You can set a master password.


Yes, I know.


But Chrome can't access it until you've unlocked the keychain either, which means this "exploit" doesn't do anything...

Also I don't know about you but I've never needed to enter a password to start Chrome, so...



